Appliance update: NSS vulnerability

Post Reply
User avatar
mark
Site Admin
Posts: 5513
Joined: Tue Apr 25, 2000 6:56 pm

Appliance update: NSS vulnerability

Post by mark »

Several vulnerabilities have been found in the NSS libraries used on the appliance. See CVE-2015-7181, CVE-2015-7182, and CVE-2015-7183. These vulnerabilities affect ssh and https access to the appliance, not the crawler.

There are various packages that must be installed to fix the vulnerabilities depending on appliance platform. All related packages must be installed at the same time and the appliance rebooted after installation. Possible packages are: nss, nss@32, nspr, nspr@32, nss-sysinit, nss-tools, nss-util, nss-softokn, nss-softokn-freebl, nss-softokn-freebl@32, prelink.

Download and install updates by visiting the System->System Setup->Update Software page on the appliance.
Post Reply